Monday, July 21, 2008

How To Limit Denial of Service Attacks to Sendmail

Whenever sendmail receives an SMTP connection from a remote host, it spawns a new copy of itself to deal with the incoming mail. This approach lets sendmail process multiple incoming messages simultaneously. However, it comes with a trade-off: each spawned sendmail child consumes another portion of system resources, and enough of them can bog down your email server.

Because email addresses are open to anyone, an email bomber could flood an email server with a bunch of messages for delivery, which is easily done with automated software. This scenario could cause a sendmail denial of service.

The sendmail directives below can limit the number of sendmail children spawned, limit the number of connections received per second, restrict the size of incoming headers that sendmail will process, and limit the maximum acceptable size of one message. By setting these directives, the effectiveness of such a denial of service attack on sendmail can be limited and/or delayed.

Sendmail Directives

confCONNECTION_RATE_THROTTLE

This is the number of connections the sendmail server can receive per second. In a default rpm installation, sendmail does not limit the number of connections per second it can receive. If a value is configured here and reached, any further connections are delayed.

confMAX_DAEMON_CHILDREN

This is the number of child processes (sendmail children) that the server can spawn. In a default rpm installation, sendmail does not define a limit on the number of spawned child daemons. If this limit is reached, further connections are also delayed.

confMIN_FREE_BLOCKS

This is the minimum number of free blocks that must be available to the sendmail server for it to accept mail. The default is 100 blocks. Once the value specified with this directive is reached, sendmail stops accepting mail.

confMAX_HEADERS_LENGTH

This is the maximum acceptable size (in bytes) of an email message's headers. Any email whose headers reach this limit is not accepted and is denied from being queued for delivery.

confMAX_MESSAGE_SIZE


Limiting the maximum acceptable size (in bytes) of an email message can also limit a possible attachment bomb attack against the sendmail server. This directive sets that maximum message size. An example sendmail.mc entry would likely be

confMAX_RCPTS_PER_MESSAGE

This is the maximum number of recipients per message. Limiting how many recipients one email message can have restricts an email bomber trying to send an email to multiple recipients.

A sample entry for the above directives would be

define(`confMAX_DAEMON_CHILDREN', 10)
define(`confMAX_HEADERS_LENGTH', `32768')
define(`confMAX_MESSAGE_SIZE', 10000000)
define(`confMIN_FREE_BLOCKS',`3000')
define(`confCONNECTION_RATE_THROTTLE', `3')
define(`confMAX_RCPTS_PER_MESSAGE', `30')

To implement the above sendmail directives, back up and modify your /etc/mail/sendmail.mc, then recompile it. For the changes to take effect, restart your sendmail service, like so

# vi /etc/mail/sendmail.mc
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart

All is done.
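A check to run on the edited file before the m4 step, as an added example that is not part of the original post: it lists which of the six directives have an active define() in a given sendmail.mc. The function names and the sample file are constructed for illustration; the recipient limit is looked up as confMAX_RCPTS_PER_MESSAGE, the macro that sendmail's cf/README maps to MaxRecipientsPerMessage, and a line starting with dnl counts as unset.

```sh
# Added example: report which of the six limits are actively set in a sendmail.mc.
DIRECTIVES="confCONNECTION_RATE_THROTTLE confMAX_DAEMON_CHILDREN confMIN_FREE_BLOCKS
confMAX_HEADERS_LENGTH confMAX_MESSAGE_SIZE confMAX_RCPTS_PER_MESSAGE"

# mc_value FILE NAME: print the value of the last active define() of NAME.
mc_value() {
    awk -v name="$2" '
        /^[ \t]*dnl/ { next }                   # dnl comments the whole line out
        {
            line = $0
            gsub(sprintf("%c", 96), "", line)   # m4 opening quote (backtick)
            gsub(sprintf("%c", 39), "", line)   # m4 closing quote (apostrophe)
            gsub(/[ \t]/, "", line)             # blanks between the arguments
            prefix = "define(" name ","
            if (index(line, prefix) == 1) {
                last = substr(line, length(prefix) + 1)
                sub(/\).*/, "", last)           # drop ")" and any trailing dnl
            }
        }
        END { if (last != "") print last }
    ' "$1"
}

# audit_mc FILE: print one line per directive; exit status = number unset.
audit_mc() {
    missing=0
    for d in $DIRECTIVES; do
        v=$(mc_value "$1" "$d")
        if [ -n "$v" ]; then
            printf '%-30s %s\n' "$d" "$v"
        else
            printf '%-30s UNSET\n' "$d"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# sample_mc: constructed sample with a commented-out and a misspelled directive.
sample_mc() { cat <<'EOF'
define(`confMAX_DAEMON_CHILDREN', 10)
dnl define(`confCONNECTION_RATE_THROTTLE', `3')
define(`confMAX_HEADERS_LENGTH', `32768')dnl
define(`confMAXRCPTSPERMESSAGE', `30')
EOF
}

# Usage: sh audit_mc.sh /etc/mail/sendmail.mc
if [ "$#" -gt 0 ]; then audit_mc "$1"; fi
```

m4 accepts a define() of a name that no cf macro reads without any error, so a misspelled directive compiles cleanly and leaves the limit off. The UNSET line in this report is the only sign of it.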
